CERT-UA warned that a Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.
In November 2019, the former Twitter employees Abouammo and the Saudi citizen Ali Alzabarah were charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government. The two former Twitter employees operated for the Saudi Arabian government with the intent of unmasking dissidents using the social network.
China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.
The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. These are based on publicly disclosed incidents in the media or security reports. The maintainers of the project also mapped the attacks to the MITRE ATT&CK framework.
North Korea-linked APT group targeted UN Security Council officials over the past year, states a report from the United Nations organ. A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council.
The United States government sued Edward Snowden, the former CIA employee and NSA contractor, to block payment for his book, Permanent Record. The US DoJ filed a lawsuit against Edward Snowden to prevent the former CIA employee and National Security Agency contractor from receiving the payment for his book, Permanent Record.
The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In mid-January the Ukrainian government was hit with destructive malware, tracked as WhisperGate, and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.
Security experts from FireEye found evidence that links the development of the Triton malware (aka Trisis and HatMan) to a Russian government research institute. a Russian government-owned technical research institution located in Moscow.
Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon, Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The group targeted government and military organizations in Ukraine.
Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. The attackers aimed at stealing confidential documents from government systems after having infected them with malware.
Cisco is going to pay $8.6 million to settle a legal dispute for selling vulnerable software to the US government. Back in 2008, a whistle-blower identified a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013.
President Joe Biden has assigned key cyber roles in his administration to two former senior National Security Agency (NSA) officials. Inglis retired from NSA in 2014 where he served the US government for 28 years, since 2013 as the agency’s deputy director. I’m proud of what we are building across the U.S.
Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. [link] — Bank Security (@Bank_Security) November 20, 2020.
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea.
Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the Russian Federal Security Service (FSB).
A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. Chi-en (Ashley) Shen, a senior security researcher at FireEye, collected evidence that demonstrates that China-linked APT group ICEFOG (aka Fucobha) is still active.
It seems that the huge trove of data was the result of a data breach that took place in 2017; the oldest entries date back to 2013. At this time it is not possible to determine whether the dump was stolen from Jazz servers; it is possible that hackers breached the systems of one of its business partners or a government organization.
The security breach took place on May 14, and the institute discovered it only on May 31; the research institute then reported the incident to the government and launched an investigation. “In accordance with this, the attacker IP is blocked and the VPN system security update is applied.”
UAC-0006 has been active since at least 2013. The government experts reported that the group carried out at least two massive campaigns since May 20, in which the threat actors aimed at distributing SmokeLoader malware via email. CERT-UA warned Ukrainian CEOs to enhance cybersecurity measures for accountants’ automated workplaces.
The attack did not impact systems employed in the 2013 census. The cyberattack hit the servers of the National Agency for Information Society (AKSHI), which handles many government services. The relations between Albania and Iran have deteriorated since the government of Tirana offered asylum to thousands of Iranian dissidents.
The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Speaking on condition of anonymity, two cybersecurity experts who’ve briefed U.S.
A sophisticated threat actor, tracked as Earth Lusca, is targeting government and private organizations worldwide for financial purposes. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007.
According to our team, the exposed files belonged to the WBSC, the world governing body for baseball, softball, and Baseball5 – a recently introduced sport combining the previous two. Government-issued documents are arguably the most important form of identification a person holds, the team said.
In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. This attack could’ve easily been avoided if Yahoo had invested more in the security infrastructure.
National Security Agency (NSA) Equation Group. The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization.
Two former Twitter employees have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government.
Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. The OceanLotus APT group is a state-sponsored group that has been active since at least 2013.
On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. “We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.”
Nikita Kislitsin, formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Nikita Kislitsin, at a security conference in Russia.
North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists.
Kimsuky cyberespionage group (aka Springtail, ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researcher in 2013. Troll Stealer can also copy the GPKI (Government Public Key Infrastructure) folder on infected computers. Gomir and GoBear share a great portion of their code.
The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. Amobee has not yet responded to requests for comment.
Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”
In October 2013, the FBI shut down the popular black market Silk Road after many years of investigation; the website was hosted in the Tor Network and was seized by US law enforcement. According to FBI, between February of 2011 and July 2013, Silk Road managed $1.2 .” On November 5, the U.S. million USD. .
Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. Hainan Xiandun), operating out of Haikou, Hainan Province.
Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”
Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. OFAC sanctioned the Kimsuky APT for conducting intelligence activities on behalf of the DPRK government. “Today, in coordination with foreign partners, the U.S.
Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Now, security researchers from Clearsky reported details about a new phishing campaign in which the threat actors impersonate journalists from ‘DeutscheWelle’ and the ‘Jewish Journal.’
In May 2013, the U.S. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim shortly thereafter to see if and when this process might take place.
Keys was accused of providing Anonymous login credentials that allowed the group to access and deface the website of the Los Angeles Times in 2013. “We welcome the opportunity to read all the relevant materials and work with the government before the next hearing,” Keys’ attorney, Mark Reichel, told the Bee.
Security experts at Microsoft are warning of economic damages caused by the activity of Iran-linked hacking groups that are working to penetrate systems, businesses, and governments worldwide.
“Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA), a Russian government research institution that is connected to the destructive Triton malware.”
This week, Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically. The group targeted government and military organizations in Ukraine.